Fork me on GitHub

Module keyvault

@pulumi/azure > keyvault

Index

keyvault/accessPolicy.ts keyvault/certifiate.ts keyvault/getAccessPolicy.ts keyvault/getKeyVault.ts keyvault/getSecret.ts keyvault/key.ts keyvault/keyVault.ts keyvault/secret.ts

class AccessPolicy

Manages a Key Vault Access Policy.

~> NOTE: It’s possible to define Key Vault Access Policies both within the azurerm_key_vault resource via the access_policy block and by using the azurerm_key_vault_access_policy resource. However it’s not possible to use both methods to manage Access Policies within a KeyVault, since there’ll be conflicts.

-> NOTE: Azure permits a maximum of 16 Access Policies per Key Vault - more information can be found in this document.

constructor

new AccessPolicy(name: string, args: AccessPolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a AccessPolicy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AccessPolicyState): AccessPolicy

Get an existing AccessPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property applicationId

public applicationId: pulumi.Output<string | undefined>;

The object ID of an Application in Azure Active Directory.

property certificatePermissions

public certificatePermissions: pulumi.Output<string[] | undefined>;

List of certificate permissions, must be one or more from the following: create, delete, deleteissuers, get, getissuers, import, list, listissuers, managecontacts, manageissuers, purge, recover, setissuers and update.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property keyPermissions

public keyPermissions: pulumi.Output<string[]>;

List of key permissions, must be one or more from the following: backup, create, decrypt, delete, encrypt, get, import, list, purge, recover, restore, sign, unwrapKey, update, verify and wrapKey.

property objectId

public objectId: pulumi.Output<string>;

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies. Changing this forces a new resource to be created.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the namespace. Changing this forces a new resource to be created.

property secretPermissions

public secretPermissions: pulumi.Output<string[]>;

List of secret permissions, must be one or more from the following: backup, delete, get, list, purge, recover, restore and set.

property tenantId

public tenantId: pulumi.Output<string>;

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. Changing this forces a new resource to be created.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vaultName

public vaultName: pulumi.Output<string>;

Specifies the name of the Key Vault resource. Changing this forces a new resource to be created.

class Certifiate

Manages a Key Vault Certificate.

constructor

new Certifiate(name: string, args: CertifiateArgs, opts?: pulumi.CustomResourceOptions)

Create a Certifiate resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: CertifiateState): Certifiate

Get an existing Certifiate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property certificate

public certificate: pulumi.Output<{ ... } | undefined>;

A certificate block as defined below, used to Import an existing certificate.

property certificateData

public certificateData: pulumi.Output<string>;

The raw Key Vault Certificate.

property certificatePolicy

public certificatePolicy: pulumi.Output<{ ... }>;

A certificate_policy block as defined below.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of the Certificate Issuer. Possible values include Self, or the name of a certificate issuing authority supported by Azure. Changing this forces a new resource to be created.

property secretId

public secretId: pulumi.Output<string>;

The ID of the associated Key Vault Secret.

property tags

public tags: pulumi.Output<{ ... }>;

A mapping of tags to assign to the resource.

property thumbprint

public thumbprint: pulumi.Output<string>;

The X509 Thumbprint of the Key Vault Certificate returned as hex string.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vaultUri

public vaultUri: pulumi.Output<string>;

Specifies the URI used to access the Key Vault instance, available on the azurerm_key_vault resource.

property version

public version: pulumi.Output<string>;

The current version of the Key Vault Certificate.

class Key

Manages a Key Vault Key.

constructor

new Key(name: string, args: KeyArgs, opts?: pulumi.CustomResourceOptions)

Create a Key resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: KeyState): Key

Get an existing Key resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property e

public e: pulumi.Output<string>;

The RSA public exponent of this Key Vault Key.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property keyOpts

public keyOpts: pulumi.Output<string[]>;

A list of JSON web key operations. Possible values include: decrypt, encrypt, sign, unwrapKey, verify and wrapKey. Please note these values are case sensitive.

property keySize

public keySize: pulumi.Output<number>;

Specifies the Size of the Key to create in bytes. For example, 1024 or 2048. Changing this forces a new resource to be created.

property keyType

public keyType: pulumi.Output<string>;

Specifies the Key Type to use for this Key Vault Key. Possible values are EC (Elliptic Curve), Oct (Octet), RSA and RSA-HSM. Changing this forces a new resource to be created.

property n

public n: pulumi.Output<string>;

The RSA modulus of this Key Vault Key.

property name

public name: pulumi.Output<string>;

Specifies the name of the Key Vault Key. Changing this forces a new resource to be created.

property tags

public tags: pulumi.Output<{ ... }>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vaultUri

public vaultUri: pulumi.Output<string>;

Specifies the URI used to access the Key Vault instance, available on the azurerm_key_vault resource.

property version

public version: pulumi.Output<string>;

The current version of the Key Vault Key.

class KeyVault

Manages a Key Vault.

~> NOTE: It’s possible to define Key Vault Access Policies both within the azurerm_key_vault resource via the access_policy block and by using the azurerm_key_vault_access_policy resource. However it’s not possible to use both methods to manage Access Policies within a KeyVault, since there’ll be conflicts.

constructor

new KeyVault(name: string, args: KeyVaultArgs, opts?: pulumi.CustomResourceOptions)

Create a KeyVault resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: KeyVaultState): KeyVault

Get an existing KeyVault resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property accessPolicies

public accessPolicies: pulumi.Output<{ ... }[]>;

An access policy block as described below. A maximum of 16 may be declared.

property enabledForDeployment

public enabledForDeployment: pulumi.Output<boolean | undefined>;

Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. Defaults to false.

property enabledForDiskEncryption

public enabledForDiskEncryption: pulumi.Output<boolean | undefined>;

Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. Defaults to false.

property enabledForTemplateDeployment

public enabledForTemplateDeployment: pulumi.Output<boolean | undefined>;

Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. Defaults to false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property location

public location: pulumi.Output<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

public name: pulumi.Output<string>;

SKU name to specify whether the key vault is a standard or premium vault.

property resourceGroupName

public resourceGroupName: pulumi.Output<string>;

The name of the resource group in which to create the Key Vault. Changing this forces a new resource to be created.

property sku

public sku: pulumi.Output<{ ... }>;

An SKU block as described below.

property tags

public tags: pulumi.Output<{ ... }>;

A mapping of tags to assign to the resource.

property tenantId

public tenantId: pulumi.Output<string>;

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. Must match the tenant_id used above.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vaultUri

public vaultUri: pulumi.Output<string>;

The URI of the vault for performing operations on keys and secrets.

class Secret

Manages a Key Vault Secret.

~> Note: All arguments including the secret value will be stored in the raw state as plain-text. Read more about sensitive data in state.

constructor

new Secret(name: string, args: SecretArgs, opts?: pulumi.CustomResourceOptions)

Create a Secret resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SecretState): Secret

Get an existing Secret resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property contentType

public contentType: pulumi.Output<string | undefined>;

Specifies the content type for the Key Vault Secret.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.

property tags

public tags: pulumi.Output<{ ... }>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property value

public value: pulumi.Output<string>;

Specifies the value of the Key Vault Secret.

property vaultUri

public vaultUri: pulumi.Output<string>;

Specifies the URI used to access the Key Vault instance, available on the azurerm_key_vault resource.

property version

public version: pulumi.Output<string>;

The current version of the Key Vault Secret.

function getAccessPolicy

getAccessPolicy(args: GetAccessPolicyArgs, opts?: pulumi.InvokeOptions): Promise<GetAccessPolicyResult>

Use this data source to access information about the permissions from the Management Key Vault Templates.

function getKeyVault

getKeyVault(args: GetKeyVaultArgs, opts?: pulumi.InvokeOptions): Promise<GetKeyVaultResult>

Gets information about a Key Vault.

function getSecret

getSecret(args: GetSecretArgs, opts?: pulumi.InvokeOptions): Promise<GetSecretResult>

Returns information about the specified Key Vault Secret.

~> Note: All arguments including the secret value will be stored in the raw state as plain-text. Read more about sensitive data in state.

interface AccessPolicyArgs

The set of arguments for constructing a AccessPolicy resource.

property applicationId

applicationId?: pulumi.Input<string>;

The object ID of an Application in Azure Active Directory.

property certificatePermissions

certificatePermissions?: pulumi.Input<pulumi.Input<string>[]>;

List of certificate permissions, must be one or more from the following: create, delete, deleteissuers, get, getissuers, import, list, listissuers, managecontacts, manageissuers, purge, recover, setissuers and update.

property keyPermissions

keyPermissions: pulumi.Input<pulumi.Input<string>[]>;

List of key permissions, must be one or more from the following: backup, create, decrypt, delete, encrypt, get, import, list, purge, recover, restore, sign, unwrapKey, update, verify and wrapKey.

property objectId

objectId: pulumi.Input<string>;

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies. Changing this forces a new resource to be created.

property resourceGroupName

resourceGroupName: pulumi.Input<string>;

The name of the resource group in which to create the namespace. Changing this forces a new resource to be created.

property secretPermissions

secretPermissions: pulumi.Input<pulumi.Input<string>[]>;

List of secret permissions, must be one or more from the following: backup, delete, get, list, purge, recover, restore and set.

property tenantId

tenantId: pulumi.Input<string>;

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. Changing this forces a new resource to be created.

property vaultName

vaultName: pulumi.Input<string>;

Specifies the name of the Key Vault resource. Changing this forces a new resource to be created.

interface AccessPolicyState

Input properties used for looking up and filtering AccessPolicy resources.

property applicationId

applicationId?: pulumi.Input<string>;

The object ID of an Application in Azure Active Directory.

property certificatePermissions

certificatePermissions?: pulumi.Input<pulumi.Input<string>[]>;

List of certificate permissions, must be one or more from the following: create, delete, deleteissuers, get, getissuers, import, list, listissuers, managecontacts, manageissuers, purge, recover, setissuers and update.

property keyPermissions

keyPermissions?: pulumi.Input<pulumi.Input<string>[]>;

List of key permissions, must be one or more from the following: backup, create, decrypt, delete, encrypt, get, import, list, purge, recover, restore, sign, unwrapKey, update, verify and wrapKey.

property objectId

objectId?: pulumi.Input<string>;

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies. Changing this forces a new resource to be created.

property resourceGroupName

resourceGroupName?: pulumi.Input<string>;

The name of the resource group in which to create the namespace. Changing this forces a new resource to be created.

property secretPermissions

secretPermissions?: pulumi.Input<pulumi.Input<string>[]>;

List of secret permissions, must be one or more from the following: backup, delete, get, list, purge, recover, restore and set.

property tenantId

tenantId?: pulumi.Input<string>;

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. Changing this forces a new resource to be created.

property vaultName

vaultName?: pulumi.Input<string>;

Specifies the name of the Key Vault resource. Changing this forces a new resource to be created.

interface CertifiateArgs

The set of arguments for constructing a Certifiate resource.

property certificate

certificate?: pulumi.Input<{ ... }>;

A certificate block as defined below, used to Import an existing certificate.

property certificatePolicy

certificatePolicy: pulumi.Input<{ ... }>;

A certificate_policy block as defined below.

property name

name?: pulumi.Input<string>;

The name of the Certificate Issuer. Possible values include Self, or the name of a certificate issuing authority supported by Azure. Changing this forces a new resource to be created.

property tags

tags?: pulumi.Input<{ ... }>;

A mapping of tags to assign to the resource.

property vaultUri

vaultUri: pulumi.Input<string>;

Specifies the URI used to access the Key Vault instance, available on the azurerm_key_vault resource.

interface CertifiateState

Input properties used for looking up and filtering Certifiate resources.

property certificate

certificate?: pulumi.Input<{ ... }>;

A certificate block as defined below, used to Import an existing certificate.

property certificateData

certificateData?: pulumi.Input<string>;

The raw Key Vault Certificate.

property certificatePolicy

certificatePolicy?: pulumi.Input<{ ... }>;

A certificate_policy block as defined below.

property name

name?: pulumi.Input<string>;

The name of the Certificate Issuer. Possible values include Self, or the name of a certificate issuing authority supported by Azure. Changing this forces a new resource to be created.

property secretId

secretId?: pulumi.Input<string>;

The ID of the associated Key Vault Secret.

property tags

tags?: pulumi.Input<{ ... }>;

A mapping of tags to assign to the resource.

property thumbprint

thumbprint?: pulumi.Input<string>;

The X509 Thumbprint of the Key Vault Certificate returned as hex string.

property vaultUri

vaultUri?: pulumi.Input<string>;

Specifies the URI used to access the Key Vault instance, available on the azurerm_key_vault resource.

property version

version?: pulumi.Input<string>;

The current version of the Key Vault Certificate.

interface GetAccessPolicyArgs

A collection of arguments for invoking getAccessPolicy.

property name

name: string;

Specifies the name of the Management Template. Possible values are: Key Management, Secret Management, Certificate Management, Key & Secret Management, Key & Certificate Management, Secret & Certificate Management, Key, Secret, & Certificate Management

interface GetAccessPolicyResult

A collection of values returned by getAccessPolicy.

property certificatePermissions

certificatePermissions: string[];

the certificate permissions for the access policy

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property keyPermissions

keyPermissions: string[];

the key permissions for the access policy

property secretPermissions

secretPermissions: string[];

the secret permissions for the access policy

interface GetKeyVaultArgs

A collection of arguments for invoking getKeyVault.

property name

name: string;

Specifies the name of the Key Vault.

property resourceGroupName

resourceGroupName: string;

The name of the Resource Group in which the Key Vault exists.

interface GetKeyVaultResult

A collection of values returned by getKeyVault.

property accessPolicies

accessPolicies: { ... }[];

One or more access_policy blocks as defined below.

property enabledForDeployment

enabledForDeployment: boolean;

Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?

property enabledForDiskEncryption

enabledForDiskEncryption: boolean;

Can Azure Disk Encryption retrieve secrets from the Key Vault?

property enabledForTemplateDeployment

enabledForTemplateDeployment: boolean;

Can Azure Resource Manager retrieve secrets from the Key Vault?

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property location

location: string;

The Azure Region in which the Key Vault exists.

property sku

sku: { ... };

A sku block as described below.

property tags

tags: { ... };

A mapping of tags assigned to the Key Vault.

property tenantId

tenantId: string;

The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.

property vaultUri

vaultUri: string;

The URI of the vault for performing operations on keys and secrets.

interface GetSecretArgs

A collection of arguments for invoking getSecret.

property name

name: string;

Specifies the name of the Key Vault Secret.

property vaultUri

vaultUri: string;

Specifies the URI used to access the Key Vault instance, available on the azurerm_key_vault Data Source / Resource.

interface GetSecretResult

A collection of values returned by getSecret.

property contentType

contentType: string;

The content type for the Key Vault Secret.

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property tags

tags: { ... };

Any tags assigned to this resource.

property value

value: string;

The value of the Key Vault Secret.

property version

version: string;

The current version of the Key Vault Secret.

interface KeyArgs

The set of arguments for constructing a Key resource.

property keyOpts

keyOpts: pulumi.Input<pulumi.Input<string>[]>;

A list of JSON web key operations. Possible values include: decrypt, encrypt, sign, unwrapKey, verify and wrapKey. Please note these values are case sensitive.

property keySize

keySize: pulumi.Input<number>;

Specifies the Size of the Key to create in bytes. For example, 1024 or 2048. Changing this forces a new resource to be created.

property keyType

keyType: pulumi.Input<string>;

Specifies the Key Type to use for this Key Vault Key. Possible values are EC (Elliptic Curve), Oct (Octet), RSA and RSA-HSM. Changing this forces a new resource to be created.

property name

name?: pulumi.Input<string>;

Specifies the name of the Key Vault Key. Changing this forces a new resource to be created.

property tags

tags?: pulumi.Input<{ ... }>;

A mapping of tags to assign to the resource.

property vaultUri

vaultUri: pulumi.Input<string>;

Specifies the URI used to access the Key Vault instance, available on the azurerm_key_vault resource.

interface KeyState

Input properties used for looking up and filtering Key resources.

property e

e?: pulumi.Input<string>;

The RSA public exponent of this Key Vault Key.

property keyOpts

keyOpts?: pulumi.Input<pulumi.Input<string>[]>;

A list of JSON web key operations. Possible values include: decrypt, encrypt, sign, unwrapKey, verify and wrapKey. Please note these values are case sensitive.

property keySize

keySize?: pulumi.Input<number>;

Specifies the Size of the Key to create in bytes. For example, 1024 or 2048. Changing this forces a new resource to be created.

property keyType

keyType?: pulumi.Input<string>;

Specifies the Key Type to use for this Key Vault Key. Possible values are EC (Elliptic Curve), Oct (Octet), RSA and RSA-HSM. Changing this forces a new resource to be created.

property n

n?: pulumi.Input<string>;

The RSA modulus of this Key Vault Key.

property name

name?: pulumi.Input<string>;

Specifies the name of the Key Vault Key. Changing this forces a new resource to be created.

property tags

tags?: pulumi.Input<{ ... }>;

A mapping of tags to assign to the resource.

property vaultUri

vaultUri?: pulumi.Input<string>;

Specifies the URI used to access the Key Vault instance, available on the azurerm_key_vault resource.

property version

version?: pulumi.Input<string>;

The current version of the Key Vault Key.

interface KeyVaultArgs

The set of arguments for constructing a KeyVault resource.

property accessPolicies

accessPolicies?: pulumi.Input<pulumi.Input<{ ... }>[]>;

An access policy block as described below. A maximum of 16 may be declared.

property enabledForDeployment

enabledForDeployment?: pulumi.Input<boolean>;

Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. Defaults to false.

property enabledForDiskEncryption

enabledForDiskEncryption?: pulumi.Input<boolean>;

Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. Defaults to false.

property enabledForTemplateDeployment

enabledForTemplateDeployment?: pulumi.Input<boolean>;

Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. Defaults to false.

property location

location: pulumi.Input<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

name?: pulumi.Input<string>;

SKU name to specify whether the key vault is a standard or premium vault.

property resourceGroupName

resourceGroupName: pulumi.Input<string>;

The name of the resource group in which to create the Key Vault. Changing this forces a new resource to be created.

property sku

sku: pulumi.Input<{ ... }>;

An SKU block as described below.

property tags

tags?: pulumi.Input<{ ... }>;

A mapping of tags to assign to the resource.

property tenantId

tenantId: pulumi.Input<string>;

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. Must match the tenant_id used above.

interface KeyVaultState

Input properties used for looking up and filtering KeyVault resources.

property accessPolicies

accessPolicies?: pulumi.Input<pulumi.Input<{ ... }>[]>;

An access policy block as described below. A maximum of 16 may be declared.

property enabledForDeployment

enabledForDeployment?: pulumi.Input<boolean>;

Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. Defaults to false.

property enabledForDiskEncryption

enabledForDiskEncryption?: pulumi.Input<boolean>;

Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. Defaults to false.

property enabledForTemplateDeployment

enabledForTemplateDeployment?: pulumi.Input<boolean>;

Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. Defaults to false.

property location

location?: pulumi.Input<string>;

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

property name

name?: pulumi.Input<string>;

SKU name to specify whether the key vault is a standard or premium vault.

property resourceGroupName

resourceGroupName?: pulumi.Input<string>;

The name of the resource group in which to create the Key Vault. Changing this forces a new resource to be created.

property sku

sku?: pulumi.Input<{ ... }>;

An SKU block as described below.

property tags

tags?: pulumi.Input<{ ... }>;

A mapping of tags to assign to the resource.

property tenantId

tenantId?: pulumi.Input<string>;

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. Must match the tenant_id used above.

property vaultUri

vaultUri?: pulumi.Input<string>;

The URI of the vault for performing operations on keys and secrets.

interface SecretArgs

The set of arguments for constructing a Secret resource.

property contentType

contentType?: pulumi.Input<string>;

Specifies the content type for the Key Vault Secret.

property name

name?: pulumi.Input<string>;

Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.

property tags

tags?: pulumi.Input<{ ... }>;

A mapping of tags to assign to the resource.

property value

value: pulumi.Input<string>;

Specifies the value of the Key Vault Secret.

property vaultUri

vaultUri: pulumi.Input<string>;

Specifies the URI used to access the Key Vault instance, available on the azurerm_key_vault resource.

interface SecretState

Input properties used for looking up and filtering Secret resources.

property contentType

contentType?: pulumi.Input<string>;

Specifies the content type for the Key Vault Secret.

property name

name?: pulumi.Input<string>;

Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.

property tags

tags?: pulumi.Input<{ ... }>;

A mapping of tags to assign to the resource.

property value

value?: pulumi.Input<string>;

Specifies the value of the Key Vault Secret.

property vaultUri

vaultUri?: pulumi.Input<string>;

Specifies the URI used to access the Key Vault instance, available on the azurerm_key_vault resource.

property version

version?: pulumi.Input<string>;

The current version of the Key Vault Secret.